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(54) Folder type time stamping system and distributed time stamping system 



(57) In a time stamping system formed by a client 
device and a server device, the client device includes a 
digest generation unit for generating a plurality of 
digests for a plurality of digital documents, a digest com- 
bining unit for combining the plurality of digests gener- 
ated by the digest generation unit, a unified digest 
generation unit for generating a unified digest from the 
plurality of digests as combined by the digest combining 
unit, a transmission unit for transmitting a time stamping 
request containing the unified digest generated by the 



unified digest generation unit, to the server device, and 
a reception unit for receiving a time stamp token for the 
plurality of digital documents from the server device. 
The server device generates the time stamp token con- 
taining a time stamped digital document obtained by 
combining the unified digest and a time information 
acquired in response to the time stamping request, and 
a digital signature for the time stamped digital docu- 
ment 
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Description 

BACKGROUND OF THE INVENTION 
FIELD OF THE INVENTION 

[0001 ] The present invention relates to a folder type 
time stamping system and a distributed time stamping 
system that enable to prove that digital documents are 
not altered since a time of the time stamp and definitely 
existed at a time of the time stamp in a service for time 
stamping digital documents. 

DESCRIPTION OF THE BACKGROUND ART 

[0002] Under the first to invent system of the U.S. 
patent practice, it is possible to use a dated research 
notebook as an evidence for establishing the priority 
date, and a dated housekeeping book can be used as a 
record of disbursement for the final income tax return, 
for example. On the other hand, in conjunction with the 
increasing utilization of a PC on daily basis, it has 
become popular to keep a daily record such as the 
research notebook and the housekeeping book by 
using a PC. 

[0003] However, In the case of electronic digital 
records made on a PC, it has been difficult to prove the 
recorded content including the recorded date and time 
to a third person because such electronic digital records 
can be altered easily, unlike the records using papers as 
recording medium. 

[0004] In this regard, there has been a proposition 
of a service for time stamping digital documents using a 
personal date/time notary device as disclosed in U.S. 
Patent No. 5,422,953. In this personal date/time notary 
device, a time stamping device is incorporated into a 
smart card or the like and the time stamping is carried 
out at a time of the digital signature. 
[0005] There has also been a proposition of a pub- 
lic/key date- time notary facility as disclosed in U.S. Pat- 
ent No. 5,001,752 and U.S. Patent No. 5,136,643, in 
which a time stamping device is provided as a single 
hardware platform such that a document creator can 
carry out the time stamping using that device. 
[0006] Both of these propositions are based on a 
scheme where a document creator carries out the time 
stamping so that the time stamp can be easily forged 
and there is no reliability as they do not amount to a 
proof by a third party. 

[0007]. There has also been a proposition of an 
electronic notary as disclosed in U.S. Patent No. 
5,022,080, in which the time stamping is carried out by 
producing a compressed document using CRC (Cyclic 
Redundancy Check), parity and checksum for the origi- 
nal document in combination. For the compressed doc- 
ument produced in this scheme, it is easier to forge a 
digital document that has the same compressed docu- 
ment, compared with a compressed document pro- 



duced by the hash function (such as MD5 or SHA-1 , for 
example) that is currently widely used as the crypto- 
graphic technique. 

[0008] There has also been a proposition of a digital 

5 document time-stamping scheme as disclosed in U.S. 
Patent No. 5,136,646 and U.S. Patent No. 5,136,647, in 
which a time stamp certificate is produced independ- 
ently by an external time stamping agency. In this time 
stamping scheme, the external agency can easily forge 

w the certificate. 

[0009] In order to remedy these problems, there 
has been a proposition of a scheme for producing a time 
stamp certificate by digitally signing a compressed doc- 
ument obtained by applying a hash function to a digital 

15 document in which a received time stamping request is 
combined with an immediately previously issued time 
stamp certificate of the external agency. In this scheme, 
it is practically impossible for the external agency to 
forge the time stamp certificate, but the order among dif- 

20 ferent rounds (constant periods for issuing time stamp 
certificates) cannot be verified. 

[0010] Also, in order to prove that the time stamp 
certificate is authentic, the certificates issued up to that 
point will be necessary. Namely, it is impossible to prove 

25 the time stamp certificate as authentic unless either all 
the time stamp certificates issued by the external 
agency or those time stamp certificates that are neces- 
sary in tracing back to the value of the time stamp certif- 
icate at a time of the periodic public disclosure are 

30 stored. For this reason, the system requires an enor- 
mous memory capacity and an enormous amount of 
time in proving the authenticity. 

[0011] Currently, the IETF (Internet Engineering 
Task Force) is in a process of standardizing a protocol in 

35 which a digital document compressed by the hash func- 
tion is sent to an external agency, and a time stamp cer- 
tificate is produced for this compressed digital 
document at the external agency. This proposed 
scheme already has a problem that it is impossible to 

40 eliminate a possibility for forging the time stamp certifi- 
cate and a possibility for a malicious third party who is 
not permitted to acquire the time stamp certificate to ille- 
gally acquire the time stamp certificate. 
[0012] On the other hand, Japanese Patent Appli- 

45 cation No. 11-35761 (1999) discloses a time-stamping 
device in which a single time stamping agency has par- 
tial secret keys that are equivalent to subdivided secret 
keys of the public key cryptosystem, and each partial 
signing agency which is a third party agency generates 

so a partial signature independently, rather than generat- 
ing a digital signature at a single time stamping agency, 
such that the forgery of the time stamp certificate by the 
time stamping agency is prevented. 
[0013] In this time stamping device, it is possible to 

55 prove the existence of a digital document at high reliabil- 
ity by regularly producing a document creation log at a 
client side who wishes to utilize the time stamping 
agency, and producing a time stamp certificate regard- 
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ing that document creation log at the time stamping 
agency. 

[001 4] Also, on the server side, the secret key of the 
time stamping device is distributed in division among a 
plurality of digital signature units and each digital signa- 
ture unit generates a ulgiiai signature independently, in 
order to eliminate a possibility of having the secret key 
stolen that is present in the case where the external 
time stamping agency generates a digital signature 
using a single secret key, and a possibility of forging the 
time stamp of the past time by the conspiracy of the dig- 
ital document author and the external time stamping 
agency. 

[001 5] In this way, it is possible to operate the exter- 
nal time stamping agencies to provide a safe and relia- 
ble time stamping service in which there is no risk of 
having the secret key stolen and the forgery of the time 
stamp is impossible unless the time stamping agency is 
in conspiracy with all the parties for generating digital 
signatures. Also, there is no need to store the time 
stamp certificates issued in the past at all, so that it is 
possible to reduce a required memory capacity consid- 
erably compared with the above described conventional 
method. 

[0016] However, in the case where distributed time 
stamping agencies are to carry out the time stamping 
and generate the digital signature independently by 
using partial secret keys with respect to the same digital 
document, it is impossible to verify the digital signatures 
by using the public key corresponding to the distributed 
secret keys unless all the time stamping agencies 
attach the exactly identical time to the digital document 
before generating the digital signatures. 

SUMMARY OF THE INVENTION 

[0017] It is therefore an object of the present inven- 
tion to provide a folder type time stamping system by 
which digital documents on PCs can be used as records 
with daily log similarly as the research notebook and the 
housekeeping book by regularly acquiring the time 
stamp certificate for the digital documents from a relia- 
ble third party agency for the purpose of the existence 
proof, and the document creation log can be utilized in a 
form of a recording medium at a time of proving to a 
third person. 

[001 8] It is another object of the present invention to 
provide a distributed time stamping system in which a 
unified digital signature obtained from a plurality of par- 
tial digital signatures can be decrypted using a single 
public key in the case of carrying out the time stamping 
and generating the digital signature independently at 
distributed time stamping agencies. 
[0019] According to one aspect of the present 
invention there is provided a time stamping system, 
comprising a client device and a server device; the cli- 
ent device including: a digest generation unit for gener- 
ating a plurality of digests for a plurality of digital 



documents; a digest combining unit for combining the 
plurality of digests generated by the digest generation 
unit; a unified digest generation unit for generating a 
unified digest from the plurality of digests as combined 

5 by the digest combining unit; a transmission unit for 
transmitting a time stamping request containing the uni- 
fied digest generated by the unified digest generation 
unit, to the server device; and a reception unit for receiv- 
ing a time stamp token for the plurality of digital docu- 

jo ments from the server device; and wherein the server 
device generates the time stamp token containing a 
time stamped digital document obtained by combining 
the unified digest and a time information acquired in 
response to the time stamping request, and a digital sig- 

t5 nature for the time stamped digital document. 

[0020] According to another aspect of the present 
invention there is provided a client device of a time 
stamping system, the client device comprising: a digest 
generation unit for generating a plurality of digests for a 

20 plurality of digital documents; a digest combining unit for 
combining the plurality of digests generated by the 
digest generation unit; a unified digest generation unit 
for generating a unified digest from the plurality of 
digests as combined by the digest combining unit; a 

25 transmission unit for transmitting a time stamping 
request containing the unified digest generated by the 
unified digest generation unit, to a server device of the 
time stamping system; and a reception unit for receiving 
a time stamp token for the plurality of digital documents 

30 from the server device. 

[0021] According to another aspect of the present 
invention there is provided a server device of a time 
stamping system, the server device comprising; a plu- 
rality of time acquisition units, each time acquisition unit 

35 sequentially acquiring the time information given in a 
prescribed constant incremental time unit, in response 
to a received digital document, independently from 
other time acquisition units; a plurality of combining 
units, provided in correspondence to the plurality of time 

40 acquisition units, each combining unit generating a plu- 
rality of time stamped digital documents by sequentially 
combining the received digital document with the time 
information sequentially acquired by a corresponding 
one of the time acquisition units, independently from 

45 other combining units: a plurality of digital signature 
units, provided in correspondence to the plurality of 
combining units, each digital signature unit generating a 
digital signature for each time stamped digital document 
generated by a corresponding one of the combining 

so units, independently from other digital signature units: a 
unified digital signature generation unit for selecting a 
plurality of digital signatures, one digital signature per 
each digital signature unit, which are generated by the 
plurality of digital signature units for one time stamped 

55 digital document of an identical time, from a plurality of 
digital signatures generated by the plurality of digital 
signature units, and generating a unified digital signa- 
ture from selected digital signatures; and a time stamp 
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token generation unit for generating the time stamp 
token from said one time stamped digital document and 
the unified digital signature generated by the unified dig- 
ital signature generation unit. 

[0022] According to another aspect of the present 5 
invention tnere is provided a time stamping method in a 
time stamping system formed by a client device and a 
server device, comprising the steps of; (a) generating a 
plurality of digests for a plurality of digital documents at 
the client device; (b) combining the plurality of digests 10 
generated by the step (a), at the client device; (c) gener- 
ating a unified digest from the plurality of digests as 
combined by the step (b), at the client device; (d) trans- 
mitting a time stamping request containing the unified 
digest generated by the step (c), from the client device is 
to the server device; (e) generating at the server device 
a time stamp token containing a time stamped digital 
document obtained by combining the unified digest and 
a time information acquired in response to the time 
stamping request, and a digital signature for the time 20 
stamped digital document; and (f) receiving the time 
stamp token for the plurality of digital documents from 
the server device, at the client device. 
[0023] According to another aspect of the present 
invention there is provided a method of receiving a time 25 
stamping service at a client device of a time stamping 
system, the method comprising the steps of: (a) gener- 
ating a plurality of digests for a plurality of digital docu- 
ments; (b) combining the plurality of digests generated 
by the step (b); (c) generating a unified digest from the 30 
plurality of digests as combined by the step (b); (d) 
transmitting a time stamping request containing the uni- 
fied digest generated by the step (c), to a server device 
of the time stamping system; and (e) receiving a time 
stamp token for the plurality of digital documents from 35 
the server device. 

[0024] According to another aspect of the present 
invention there is provided a method of providing a time 
stamping service at a server device of a time stamping 
system, the method comprising the steps of: (a) 40 
sequentially acquiring a time information given in a pre- 
scribed constant incremental time unit, in response to a 
received digital document, at each one of a plurality of 
time acquisition units in the server device, independ- 
ently from other time acquisition units; (b) generating a 45 
plurality of time stamped digital documents at each one 
of a plurality of combining units, provided in correspond- 
ence to the plurality of time acquisition units in the 
server device, by sequentially combining the received 
digital document with the time information sequentially so 
acquired by a corresponding one of the time acquisition 
units, independently from other combining units; (c) 
generating a digital signature at each one of a plurality 
of digital signature units, provided in correspondence to 
the plurality of combining units in the server device, for ss 
each time stamped digital document generated by a 
corresponding one of the combining units, independ- 
ently from other digital signature units; (d) selecting a 
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plurality of digital signatures, one digital signature per 
each digital signature unit, which are generated by the 
plurality of digital signature units for one time stamped 
digital document of an identical time, from a plurality of 
digital signatures generated by the plurality of digital 
signature units, and generating a unified digital signa- 
ture from selected digital signatures; and (e) generating 
the time stamp token from said one time stamped digital 
document and the unified digital signature generated by 
the step (d). 

[0025] According to another aspect of the present 
invention there is provided a computer usable medium 
having computer readable program codes embodied 
therein for causing a computer to function as a client 
device of a time stamping system, the computer reada- 
ble program codes including: a first computer readable 
program code for causing said computer to generate a 
plurality of digests for a plurality of digital documents; a 
second computer readable program code for causing 
said computer to combine the plurality of digests gener- 
ated by the first computer readable program code; a 
third computer readable program code for causing said 
computer to generate a unified digest from the plurality 
of digests as combined by the second computer reada- 
ble program code; a fourth computer readable program 
code for causing said computer to transmit a time 
stamping request containing the unified digest gener- 
ated by the third computer readable program code, to a 
server device of the time stamping system; and a fifth 
computer readable program code for causing said com- 
puter to receive a time stamp token for the plurality of 
digital documents from the server device. 
[0026] According to another aspect of the present 
invention there is provided a computer usable medium 
having computer readable program codes embodied 
therein for causing at least one computer to function as 
a server device of a time stamping system, the compu- 
ter readable program codes including: a first computer 
readable program code for causing said at least one 
computer to realize a plurality of time acquisition units, 
each time acquisition unit sequentially acquiring the 
time information given in a prescribed constant incre- 
mental time unit, in response to a received digital docu- 
ment, independently from other time acquisition units; a 
second computer readable program code for causing 
said at least one computer to realize a plurality of com- 
bining units, provided in correspondence to the plurality 
of time acquisition units, each combining unit generat- 
ing a plurality of time stamped digital documents by 
sequentially combining the received digital document 
with the time information sequentially acquired by a cor- 
responding one of the time acquisition units, independ- 
ently from other combining units; a third computer 
readable program code for causing said at least one 
computer to realize a plurality of digital signature units, 
provided in correspondence to the plurality of combining 
units, each digital signature unit generating a digital sig- 
nature for each time stamped digital document gener- 
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ated by a corresponding one of the combining units, 
independently from other digital signature units; a fourth 
computer readable program code for causing said at 
least one computer to select a plurality of digital signa- 
tures, one digital signature per each digital signature 5 
unit, which are generated by the plurality of digital sig- 
nature units for one time stamped digital document of 
an identical time, from a plurality of digital signatures 
generated by the plurality of digital signature units, and 
to generate a unified digital signature from selected dig- w 
ital signatures; and a fifth computer readable program 
code for causing said at least one computer to generate 
the time stamp token from said one time stamped digital 
document and the unified digital signature generated by 
the fourth computer readable program code. 15 
[0027] Other features and advantages of the 
present invention will become apparent from the follow- 
ing description taken in conjunction with the accompa- 
nying drawings. 

20 

BRIEF DESCRIPTION OF THE DRAWINGS 
[0028] 

Fig. 1 is a block diagram showing an exemplary 25 
configuration of a folder type time stamping system 
according to the first embodiment of the present 
invention. 

Fig. 2 is a block diagram showing an exemplary 
configuration of a folder type time stamping system 30 
according to the second embodiment of the present 
invention. 

Fig. 3 is a block diagram showing an exemplary 
configuration of a distributed time stamping system 
according to the third embodiment of the present 35 
invention. 

Fig. 4 is a block diagram showing an exemplary 
configuration of a distributed time stamping system 
according to the fourth embodiment of the present 
invention. ao 
Fig. 5 is a diagram showing one example of 
acquired time information in the distributed time 
stamping system of Rg. 3 and Fig. 4. 
Fig. 6 is a diagram showing another example of 
acquired time information in the distributed time as 
stamping system of Rg. 3 and Fig. 4. 
Fig. 7 is a diagram showing another example of 
acquired time information in the distributed time 
stamping system of Rg. 3 and Fig. 4. 
Fig. 8 is a diagram showing a relationship between so 
potential digital document arrival time intervals for 
two different combining units in the distributed time 
stamping system of Rg. 3 and Fig. 4. 
Rg. 9 is a diagram showing an example of potential 
digital document arrival time intervals and actual ss 
digital document arrival time for two different com- 
bining units in the distributed time stamping system 
of Rg. 3 and Rg. 4. 



Rg. 10 is a block diagram showing an exemplary 
configuration of a folder type distributed time 
stamping system according to the fifth embodiment 
of the present invention. 

Rg. 11 is a block diagram showing an exemplary 
configuration of a client unit in the folder type dis- 
tributed time stamping system of Rg. 10. 
Rg. 12 is a block diagram showing one exemplary 
configuration of a server unit in the folder type dis- 
tributed time stamping system of Rg. 10. 
Rg. 13 is a block diagram showing another exem- 
plary configuration of a server unit in the folder type 
distributed time stamping system of Rg. 1 0. 

DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENTS 

[0029] Referring now to Rg. 1 and Rg. 2, the first 
and second embodiments directed to a folder type time 
stamping system according to the present invention will 
be described in detail. 

[0030] Fig. 1 shows a configuration of the folder 
type time stamping system according to the first embod- 
iment of the present invention. 

[0031] In Fig. 1 , the folder type time stamping sys- 
tem 1 comprises: a digest generation unit 1 1 for gener- 
ating digests of target digital documents G among 
digital documents that may contain any of text data, 
image data and speech data; a digest combining unit 13 
for combining a plurality of digests generated by the 
digest generation unit 1 1 ; a unified digest generation 
unit 15 for generating a unified digest for a result 
obtained by combining a plurality of digests at the digest 
combining unit 13; a transmission unit 17 for transmit- 
ting data containing the unified digest generated by the 
unified digest generation unit 15, to a digital signature 
generation unit 1 9 through a time stamping unit 21 ; a 
digital signature generation unit 19 for combining a time 
acquired from a time acquisition unit 23 to the data con- 
taining the unified digest that is received from the uni- 
fied digest generation unit 15 through the transmission 
unit 17, and generating a digital signature for the 
obtained combination as a whole; a time stamping unit 
21 for sending a time stamp token (certificate) contain- 
ing the unified digest, the time, and the digital signature 
generated or acquired above, to a reception unit 25; a 
time acquisition unit 23 for providing a time information 
indicating the time at a moment of an inquiry from the 
time stamping unit 21 ; and a reception unit 25 for receiv- 
ing the time stamp token sent from the time stamping 
unit 21. 

[0032] Here, the digest generation unit 11, the 
digest combining unit 13, the unified digest generation 
unit 15, the transmission unit 17, and the reception unit 
25 constitute a client unit 1 00, while the digital signature 
generation unit 1 9, the time stamping unit 21 , and the 
time acquisition unit 23 constitute a server unit 200. 
[0033] In the following, the time stamping process- 
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ing in this first embodiment will be described in detail 
with reference to Fig. 1 . 

[0034] The target digital documents G produced by 
an author may contain any of text data, image data, 
speech data, and binary data or their combination. For 
these target digital documents G, the digests are gener- 
ated by the digest generation unit 11 in the folder type 
time stamping system 1 , using the hash function (such 
as MD5 or SHA-1, for example) for each digital docu- 
ment, such that the processing becomes faster, the 
original document will not be sent to the server unit 200, 
and different values can be obtained for different docu- 
ments at very high probabilities. 
[0035] More specifically, denoting the hash function 
as h, and a plurality of digital documents that constitute 
the target digital documents G as g 1f g 2 , , g n . tne 
digest generation unit 1 1 generates digests h(g t ), h(g 2 ), 

h(gn). 

[0036] Then, the digest combining unit 13 obtains 
h(g-i) • h(92) n (9n) as a result of combining the 
digests h(g t ), h(g 2 ), , h(g n ) by concatenation, for 
example. 

[0037] The unified digest generation unit 15 gener- 
ates the unified digest from this result of combining. 
Here, denoting the hash function used by the unified 
digest generation unit 1 5 as i, the unified digest genera- 
tion unit 15 generates the unified digest Kh^) • hfg^) 

h(g n )). The transmission unit 17 then transmits this 

unified digest i(h(g n ) ■ h(gg) h{gj) to the digital sig- 
nature generation unit 1 9 through the time stamping unit 
21. 

[0038] The digital signature generation unit 1 9 gen- 
erates the digital signature s for a digital data containing 
the unified digest 1(h(gt) • h(g 2 ) h(g n )) and the time t 
acquired from the time acquisition unit 23, and sends 
this digital signature s to the time stamping unit 21 . 
[0039] Then, the time stamping unit 21 issues the 
time stamp token containing the digital signature s, the 

unified digest \{h(gj • h(g 2 ) h(g n )), and the time t, 

and sends this time stamp token to the reception unit 
25. 

[0040] According to the first embodiment, it 
becomes possible to acquire the time stamp token for 
digital documents on a PC in which a coherent system 
of documents are often formed by a combination of 
related documents, figures and tables, etc., in relation to 
these related documents or the other digital documents 
on the PC from which these related documents are pro- 
duced, by regularly acquiring the time stamp token 
issued for the digital documents from a reliable third 
party agency for the purpose of the existence proof. 
[0041] It is also possible to improve the reliability of 
the existence proof of the time stamped documents, 
and digital documents on PCs can be used as records 
with daily log similarly as the research notebook and the 
housekeeping book, and the document creation log can 
be utilized in a form of a recording medium at a time of 
proving to a third person. 



[0042] In this way, it becomes possible to prove the 
the plurality of digital documents have not been altered 
since the time of the time stamp, and these plurality of 
digital documents definitely existed together at the time 

5 of the time stamp. Moreover, there is no need to judge 
the necessity of the time stamp token for each digital 
document separately and it suffices to acquire a single 
time stamp token for a plurality of digital documents col- 
lectively so that it becomes possible to utilize the time 

10 stamping service at lower cost 

[0043] Next, Fig. 2 shows a configuration of the 
folder type time stamping system according to the sec- 
ond embodiment of the present invention. 
[0044] In Fig. 2, the folder type time stamping sys- 

15 tern 3 comprises: a digest generation unit 31 for gener- 
ating digests of target digital documents G among 
digital documents F that may contain any of text data, 
image data and speech data: a digest combining unit 33 
for combining a plurality of digests generated by the 

20 digest generation unit 31; a unified digest generation 
unit 35 for generating a unified digest for a result 
obtained by combining a plurality of digests at the digest 
combining unit 33; a transmission unit 37 for transmit- 
ting data containing the unified digest generated by the 

25 unified digest generation unit 35, to a digital signature 
generation unit 39 through a time stamping unit 41; a 
digital signature generation unit 39 for combining a time 
acquired from a time acquisition unit 43a to the data 
containing the unified digest that is received from the 

30 unified digest generation unit 35 through the transmis- 
sion unit 37, and generating a digital signature for the 
obtained combination as a whole; a time stamping unit 
41 for sending a time stamp token (certificate) contain- 
ing the unified digest, the time, and the digital signature 

35 generated or acquired above, to a reception unit 45; a 
time acquisition unit 43a for providing a time information 
indicating the time at a moment of an inquiry from the 
time stamping unit 41; a reception unit 45 for receiving 
the time stamp token sent from the time stamping unit 

ao 41; a verification unit 47 for verifying the time stamp 
token received through the reception unit 45; a time 
specifying unit 49 for specifying a timing for generating 
digests to the digest generation unit 31; a digital docu- 
ment specifying unit 51 for specifying the target digital 

45 documents G from the digital documents F; and a time 
acquisition unit 43b for providing a time information indi- 
cating the time at a moment of an inquiry from any of the 
digest generation unit 31, the transmission unit 37, the 
reception unit 45 and the verification unit 47. Note that 

so the time acquisition unit 43a and the time acquisition 
unit 43b may be the same entity. 
[0045] Here, the digest generation unit 31, the 
digest combining unit 33, the unified digest generation 
unit 35, the transmission unit 37, the reception unit 45, 

55 the verification unit 47, the time specifying unit 49, the 
digital document specifying unit 51, and the time acqui- 
sition unit 43b constitute a client unit 1 00, while the dig- 
ital signature generation unit 39, the time stamping unit 
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41 , and the time acquisition unit 43a constitute a server 
unit 200. 

[0046] In the following, the time stamping process- 
ing in this second embodiment will be described in 
detail with reference to Fig. 2. s 
[0047] The digital document specifying unit 51 
specifies the target digital documents G in units of files 
or folders, from the digital documents D that may con- 
tain any of text data, image data, speech data, and 
binary data or their combination that are located on a 10 
network or inside a PC which is accessible from a PC. 
[0048] When the digest generation unit 31 detects 
that it is now the time specified from the time specifying 
unit 49, according to the time acquired from the time 
acquisition unit 43b, the digest generation unit 31 gener- ts 
ates digests for these target digital documents G, using 
the hash function (such as MD5 or SHA-1, for example) 
for each digital document. 

[0049] More specifically, denoting the hash function 
as h, and a plurality of digital documents that constitute 20 
the target digital documents G as g 1f g 2 , , g n > the 
digest generation unit 31 generates digests h(g.,), h(g 2 ), 
h(gn). 

[0050] Then, the digest combining unit 33 obtains 
h(9i) • h(g 2 ) " h(g n ) as a result of combining the digests 25 
h(9i)» n (92)» • n (9n) by concatenation, for example. 
[0051] The unified digest generation unit 35 gener- 
ates the unified digest from this result of combining. 
Here, denoting the hash function used by the unified 
digest generation unit 35 as i, the unified digest genera- 30 
tion unit 35 generates the unified digest Kh^)- h^) 

h(g n )). The transmission unit 37 then transmits this 

unified digest \{h{Q,)* h^) h(g n )) to the digital sig- 
nature generation unit 39 through the time stamping unit 
41. 35 
[0052] The digital signature generation unit 39 gen- 
erates the digital signature s for a digital data containing 
the unified digest KhfgO • h(g 2 ) h(g n )) and the time t 
acquired from the time acquisition unit 43a, and sends 
this digital signature s to the time stamping unit 41 . *o 
[0053] Then, the time stamping unit 41 issues the 
time stamp token containing the digital signature s, the 
unified digest i(h(g.,) • h(g 2 ) h(g n )), and the time t, 
and sends this time stamp token to the reception unit 
45. 

[0054] Then, the verification unit 47 verifies that the 
digital signature attached to the time stamp token 
received at the reception unit 45 is an authentic digital 
signature generated by the digital signature generation 
unit 39. so 
[0055] In addition, the verification unit 47 also veri- 
fies that the time attached to the time stamp token is 
after the time of transmission from the transmission unit 
37 to the digital signature generation unit 39 and before 
the time of reception at the reception unit 45. 55 
[0056] As described, according to the second 
embodiment, in addition to the effects described above 
for the first embodiment, it is possible to acquire the time 



stamp token regularly for files on the PC that are speci- 
fied in units of files or folders, and record the file crea- 
tion and modification log for files on the PC including 
relations with the related files, so that it becomes possi- 
ble to use a sequence of the time stamp tokens 
acquired over a extended period of time as a proof for 
the file creation and modification log of files on the PC 
by a third person. This sequence of the time stamp 
tokens is more difficult to forge than the research note- 
book or the housekeeping book so that it becomes pos- 
sible to provide a highly reliable time stamping service 
for digital documents. 

[0057] Note that computer programs for realizing 
the folder type time stamping system as described 
above can be provided in forms of recording media such 
that these programs can be distributed more easily 
using these recording media. 

[0058] Referring now to Fig. 3 to Fig. 9, the third 
and fourth embodiments directed to a distributed time 
stamping system according to the present invention will 
be described in detail. 

[0059] Fig. 3 shows a configuration of the distrib- 
uted time stamping system according to the third 
embodiment of the present invention. 
[0060] ' In Fig. 3, the distributed time stamping sys- 
tem 1 01 comprises: a plurality of time acquisition units 
1 1 3a, 11 3b, , 1 1 3s for acquiring time information 



tj 



t 3 ■ 



having a constant incremental time unit, independently 
for n times where n is an integer greater than or equal to 
one, at a constant acquisition interval; a plurality of com- 
bining units 111a, 111b, , 111s provided respec- 
tively in correspondence to the time acquisition units 
1 13a, 1 13b, , 1 13s, for independently and successively 
producing a time stamped digital document 



by combining a the respective time information 



t, i 



with a digital document M; a plurality of digital signature 

units 115a, 115b, , 115s provided respectively in 

correspondence to the combining units 111a, 111b, 
, 111s, for independently generating a digital signa- 
ture for each respective time stamped digital document 
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Is appropriately selected. That is: 

Mt, , ; 

gcd(e, (p-1)(q-1)) = 1 



a unified digital signature generation unit 1 17 for receiv- 
ing a plurality of digital signatures generated independ- 
ently by the plurality of digital signature units 115a, 
115b, — , 115s, selecting digital signatures for a time 
stamped digital document Mt of an identical time from 
these plurality of digital signatures, one digital signature 
per each one of the digital signature units 1 15a, 1 15b, , 
1 15s, and generating a unified digital signature c from 
the selected digital signatures for the time stamped dig- 
ital document Mt of the identical time; and a time stamp 
token generation unit 119 for generating a time stamp 
token (certificate) T containing the time stamped digital 
document Mt and the unified digital signature c. 
[0061] In the following, the distributed time stamp- 
ing processing in this third embodiment will be 
described in detail, with reference to Fig. 3. Here, the 
description will be given for a sub-system related to the 
combining unit 111a alone, but the operations of the 
other sub-systems related to the combining units are 
similar. 

[0062] The digital document M produced by an 
author may contain any of text data, image data, speech 
data, and binary data or their combination. This digital 
document M is combined with a time acquired from the 
time acquisition unit 1 1 3a to produce a time stamped 
digital document Mt at the combining unit 111a in the 
distributed time stamping system 101. Then, a digital 
signature for this time stamped digital document Mt is 
generated at the digital signature unit 115a. The digital 
signatures generated by the digital signature units 
115a, 115b, , 115s in this manner are collected to 
the unified digital signature generation unit 117. 
[0063] Then, the unified digital signature generation 
unit 1 1 7 generates the unified digital signature from the 
digital signatures for the time stamped digital document 
Mt of the identical time, whenever it is possible to select 
one time stamped digital document Mt of the identical 
time for each digital signature unit 115. Then, the time 
stamp token generation unit 119 generates a time 
stamp token T containing the unified digital signature 
itself and the time stamped digital document Mt used in 
generating the unified digital signature. 
[0064] Now, the digital signature generation will be 
described for an exemplary case. Here, the RSA public 
key cryptosystem will be used as an exemplary public 
key cryptosystem. 

[0065] First, for sufficiently large prime numbers p 
and q, n is defined as 

n = pq 

and an integer e that is relatively prime with respect to 



5 [0066] Then, setting n and e as the public keys, an 
integer d that satisfies 

ed = 1 mod $(n) 

io is selected and p, q, and d are set as the secret keys. 
[0067] For a digest m obtained by applying a hash 
function (such as MD5 or SHA-1, for example) to the 
time stamped digital document Mt of the identical time, 
the unified digital signature c to be generated by the uni- 

15 fied digital signature generation unit 1 17 is given by 

c = m d mod n. 

[0068] When the total number of the digital signa- 
20 ture units 1 1 5 in Fig. 3 is s, if d is expressed in a form of 
a sum of numbers as 

d = d 1 + d 2 + + d 5 

25 then the digital signatures c 1f C2, , C5 to be gener- 
ated by the digital signature units 1 15a, 1 1 5b, , 1 15s 
are given by 

dl d5 . 

c 1 = m mod n, ,c 5 = m mod n. 

30 

[0069] The time stamp token T is obtained as a dig- 
ital document containing (Mt, c). 
[0070] Next, Fig. 4 shows a configuration of the dis- 
tributed time stamping system according to the fourth 

35 embodiment of the present invention. 

[0071] In Fig. 4, the distributed time stamping sys- 
tem 103 comprises: a reception unit 130 for receiving a 
digital document M by communications; a plurality of 
time acquisition units 133a, 133b, , 133s for acquir- 

40 ing time information 

ti 1 , t2 , , — , ts ; 

45 having a constant incremental time unit, independently 
for n times where n is an integer at least greater than or 
equal to one, at a constant acquisition interval; a plural- 
ity of combining units 131a, 131b, , 131s provided 

respectively in correspondence to the time acquisition 

so units 1 33a, 1 33b, , 1 33s, for independently and suc- 
cessively producing a time stamped digital document 

Mr, j 

i 

55 

by combining a the respective time information 



<Kn) = (p-1)(q-1) 



8 



15 



EP 1 081 890 A2 



16 



with the digital document M received by the reception 
unit 130; a plurality of digital signature units 135a, 135b, 

, 135s provided respectively in correspondence to 

the combining units 131a, 131b, , 131s, for independ- 
ently generating a digital signature for each respective 
time stamped digital document 

Mt. , ; 

a unified digital signature generation unit 137 for receiv- 
ing a plurality of digital signatures generated independ- 
ently by the plurality of digital signature units 135a, 
135b, , 135s, selecting digital signatures for a time 
stamped digital document Mt of an identical time from 
these plurality of digital signatures, one digital signature 
per each one of the digital signature units 135a, 135b, , 
135s, and generating a unified digital signature c from 
the selected digital signatures for the time stamped dig- 
ital document Mt of the identical time; a time stamp 
token generation unit 139 for generating a time stamp 
token (certificate) T containing the time stamped digital 
document Mt and the unified digital signature c; and a 
transmission unit 141 for returning the time stamp token 
T generated by the time stamp token generation unit 
139, to a sender of the digital document M by communi- 
cations. 

[0072] Fig. 5 and Fig. 6 show relationships among 
the acquired time information in the third and fourth 
embodiments. Here, the relationships among the 
acquired time information are shown for an exemplary 
case of using three digital signature units. In Fig. 5 and 
Fig- 6, t 11f t 21 , t 31 respectively represent times acquired 
by the three time acquisition units in the first attempt, 
while t 12 , t22. respectively represent times acquired 
by the three time acquisition units in the second 
attempt. Also, 

T . 4 • 



t , 2 p t • 3 

respectively represent accurate times at which the first 
attempt of the time acquisition is made by the three time 
acquisition units, while 

respectively represent accurate times at which the sec- 



ond attempt of the time acquisition is made by the three 
time acquisition units. 

[0073] Fig. 5 indicates that all three time acquisition 
units have acquired the same time information in the 

5 first attempt, and they have done so in the second 
attempt as well. In this case, 1 11 = t 21 = t 31 will be the 
time used in generating the unified digital signature. 
Similarly, Fig. 6 indicates that the same time information 
was acquired by the second attempts of the first and 

10 second time acquisition units and the first attempt of the 
third time acquisition unit In this case, t 31 =t 12 =t 22 
will be the time used in generating the unified digital sig- 
nature. 

[0074] Fig. 7 shows a relationship between the 
is acquired time information and the accurate time of the 
time acquisition in the case where the incremental time 
unit of the time information is set to be a half of that used 
in Fig. 6. In Fig. 7, t n> t 21 , t 31 respectively represent 
times acquired by the three time acquisition units in the 
20 first attempt, t 12 , t^, t 32 respectively represent times 
acquired by the three time acquisition units in the sec- 
ond attempt, and t 13 , t 23 , t^ respectively represent 
times acquired by the three time acquisition units in the 
third attempt Also, 

25 

T.i, C; a . ti 3 

respectively represent accurate times at which the first 
30 attempt of the time acquisition is made by the three time 
acquisition units, 

t , l , t, 2 , "Cj * 

35 

respectively represent accurate times at which the sec- 
ond attempt of the time acquisition is made by the three 
time acquisition units, andt k1 , t^, t^ respectively repre- 
sent accurate times at which the third attempt of the 

40 time acquisition is made by the three time acquisition 
units. In this example where the incremental time unit is 
a half, there is a need for each time acquisition unit to 
carry out the time acquisition at least three times in 
order to acquire the same time information by all three 

45 time acquisition units. 

[0075] Note that the constant acquisition interval by 
which the time acquisition is to be carried out by each 
time acquisition unit can be set to an arbitrary length, 
but it should preferably be set equal to the constant 

so incremental time unit of the time to be acquired by each 
time acquisition unit 

[0076] Also, instead of actually carrying out the time 
acquisition in the second and subsequent attempts, it is 
possible to obtain the acquired times for the second and 
55 subsequent attempts by adding prescribed times in the 
constant incremental time unit sequentially to the time 
acquired in the first attempt. In this case it suffices for 
each time acquisition unit to carry out the time acquisl- 
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tion only once. 

[0077] The constant incremental time unit of the 
time to be acquired by each time acquisition unit can be 
set to an arbitrary length, but when the incremental time 
unit is made shorter, even though an accuracy of the 
acquired time can be improved, the number of the digital 
signatures that are required to be generated by each 
digital signature unit until it becomes possible to select 
the time stamped digital document Mt of the identical 
time for each one of the digital signature units will be 
increased. 

[0078] Note however that, when the arrival time of 
the digital document M at each combining unit is differ- 
ent for different combining units, it is possible to reduce 
the number of digital signatures to be generated by the 
digital signature units other than that corresponding to 
the combining unit which requires the longest arrival 
time by controlling them not to carry out the digital sig- 
nature generation for at least one of times that have no 
chance of being used as the identical time, as follows. 
[0079] Fig. 8 shows a relationship between time 
intervals in which the digital document may arrive at two 
different combining units. A part (1) of Fig. 8 represents 
a case where the latest possible arrival time for one 
combining unit is earlier than the earliest possible arrival 
time for another combining unit, a part (2) of Fig. 8 rep- 
resents a case where the latest possible arrival time for 
one combining unit is contained in the potential arrival 
time interval for another combining unit and the earliest 
possible arrival time for the former combining unit is ear- 
lier than the earliest possible arrive time for the latter 
combining unit, and a part (3) of Fig. B represents a 
case where the potential arrival time interval for one 
combining unit is completely contained within the poten- 
tial arrival time interval for another combining unit. All 
conceivable relationships between the potential arrival 
time intervals for arbitrary two combining units are cov- 
ered by these three cases. 

[0080] Fig. 9 shows a timing relationship in the ease 
where the potential arrival time interval for the combin- 
ing unit to which the digital document can arrive latest 
lies between a time "c" and a time "d\ and the potential 
arrival time interval for another arbitrary combining unit 
lies between a time "a" and a time "b". Parts (1 ), (2) and 
(3) of Fig. 9 are cases corresponding to those of parts 
(1), (2) and (3) of Fig. 8. Here the combining unit to 
which the digital document can arrive latest will be 
denoted as C1 , and another arbitrary combining unit will 
be denoted as C2. Also, the incremental time unit, i.e., 
an interval between 

1 1 and 1 1 » i f 

will be denoted as u. 

[0081] In general, each combining unit can be con- 
trolled to generate the time stamped digital documents 
by setting a generation start timing at a time obtained by 



adding a prescribed time not less than zero that is 
defined in order to eliminate times that will never be 
used for the unified digital signature generation, to a 
predetermined time that is closest to but not earlier than 

5 the current time, and combining the digital document 
sequential iy with the time information given by up to a 
specified number of prescribed incremental time units 
starting from the generation start timing. 
[0082] Here, the prescribed time not less than zero 

w is used such that, when there is a fixed displacement 
between digital document arrival times at different com- 
bining units, the combining unit that would have other- 
wise started to generate the time stamped digital 
documents earlier will delay a start of the time stamped 

15 digital document generation to account for that dis- 
placement. 

[0083] Also, the specified number is used such that, 
even when there is a variation in the potential digital 
document arrival time interval for the combining unit, it 
20 is still possible to obtain the time stamped digital docu- 
ment of the identical time for each one of the digital sig- 
nature units so that the unified digital signature can be 
generated without a failure. 

[0084] In the case of part (1) of Fig. 9, when a value 

25 of a product of u and a largest integer n not exceeding 
(c- b)/u is v and the digital document arrives to C2 at a 
time "e" between t 3 and the current time is "e", the 
predetermined time not earlier than the current time can 
be set to t* and the prescribed time not less than zero 

30 can be set to v = n • u = 1 • u since n = 1 . In addition, 
the prescribed incremental time unit is u, and the spec- 
ified number can be set to a number obtained by adding 
1 and then subtracting n from a smallest integer m 
greater than or equal to (d-a)/u . In this case, m = 5, so 

35 that the specified number will be 5+1 -1 = 5. 

[0085] As a result, there is no need to generate the 
time stamped digital document for the time ti and it suf- 
fices to generate only five time stamped digital docu- 
ments for ts, tg, t 7 , tg and tg, starting from % obtained by 

40 adding v to t 4 . Similarly, if "e" is between "a"andt 3 , it will 
suffice to generate only five time stamped digital docu- 
ments for t4, ts, te, t 7 and t^, and if "e" is between t* and 
"b", it will suffice to generate only five time stamped dig- 
ital documents for tg, t 7 , ta, tg and t^. 

45 [0086] In the case or part (2) of Fig. 9, when the dig- 
ital document arrives to C2 at a time "e" between t 3 and 
t4, the current time is "e", the predetermined time not 
earlier than the current time can be set to ti and the pre- 
scribed time not less than zero can be set to 0. If "e" is 

so between "c" and t 5 , C2 starts the time acquisition from 
te that is immediately after V. In addition, the pre- 
scribed incremental time unit is u, and the specified 
number can be set to a number obtained by adding 1 to 
a smallest integer m greater than or equal to (d-a)/u . In 

55 this case, the specified number will be 6 so that only six 
time stamped digital documents fort 4 , te, t 7 , t 8 and tg 
will be generated. 

[0087] In the case of part (3) of Fig. 9, when the dig- 
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ital document arrives to C2 at a time "e" between \$ and 
te, the current time is "e", the predetermined time not 
earlier than the current time can be set to Xq and the pre- 
scribed time not less than zero can be set to 0. In addi- 
tion, the prescribed incremental time unit is u, and the 
specified number can be sei io a number obtained by 
adding 1 to a smallest integer m greater than or equal to 
(d-a)/u . In this case, the specified number will be 3 so 
that only three time stamped digital documents for te, t 7 
and Xq will be generated. 

[0088] Now, usually, in the distributed time stamp- 
ing system, the digital signature units that constitute the 
system maintains parts of the secret key of the public 
key cryptosystem distributedly, so that a possibility of 
having the secret key stolen or a possibility of having the 
time stamp token forged can be reduced, but a possibil- 
ity for the times independently acquired by the time 
acquisition units to coincide is very small as already 
mentioned above so that there arises a problem that the 
unified digital signature cannot be generated. 
[0089] In this regard, in the third and fourth embod- 
iments, the time is acquired at a constant incremental 
time unit as described above, so that it is possible to 
increase a possibility for the independently acquired 
times to coincide. In fact, in an example shown in Fig. 5 
and Fig. 6, it is possible to obtain the time stamped dig- 
ital document of the identical time for every combining 
unit without a failure, when each time acquisition unit 
carries out the time acquisition at least twice at a con- 
stant acquisition interval, because of the relationship 
between the incremental time unit and the time differ- 
ence between the time acquisition execution times 
among the time acquisition units. As a result, it 
becomes possible to realize the distributed time stamp- 
ing with the improved safety of the secret key. 
[0090] Note that computer programs for realizing 
the distributed time stamping system as described 
above can be provided in forms of recording media such 
that these programs can be distributed more easily 
using these recording media. 

[0091] Note also that the third and fourth embodi- 
ments are described above for the case of using the 
RSA public key cryptosystem, but the present invention 
is not limited to this case and it is possible to generate 
the digital signatures and the unified digital signature 
similarly by using the other public key cryptosystems in 
which the digital signature that can be generated by 
using a single secret key can also be generated by 
using a plurality of divided secret keys obtained by divid- 
ing the secret key of the elliptic curve public key crypto- 
system, DSA (Digital Signature Algorithm), etc. 
[0092] It is also possible to generate the unified dig- 
ital signature by using a digital document that contains 
the time stamped digital document Mt rather than the 
time stamped digital document Mt itself. It is also possi- 
ble to generate the digital signature directly without 
applying the hash function to the digital document. One 
time stamped digital document Mt may be set in corre- 



spondence to one time information, or in correspond- 
ence to a plurality of time information. In the former case 
one digital signature will be generated from one time 
stamped digital document Mt, whereas in the latter case 

5 a plurality of digital signatures will be generated from 
one time stamped digital document Mt 
[0093] As described, according to the third and 
fourth embodiments, it becomes possible to obtain the 
time stamped digital document of the identical time at 

10 every combining unit without a failure so that it becomes 
possible to realize the distributed time stamping with the 
improved safety of the secret key. 
[0094] Referring now to Fig. 10 to Fig. 13, the fifth 
embodiment directed to a folder type distributed time 

15 stamping system according to the present invention will 
be described in detail. 

[0095] Fig. 10 shows a configuration of the folder 
type distributed time stamping system according to the 
fifth embodiment of the present invention. This fifth 
20 embodiment is a combination of the folder type time 
stamping system of the first and second embodiments 
and the distributed time stamping system of the third 
and fourth embodiments. 

[0096] In Fig. 1 0, the folder type distributed time 
25 stamping system 300 generally comprises a client unit 
1 00 and a server unit 200. The client unit 1 00 generates 
a time stamping request R from a plurality of digital doc- 
uments G that are the target of time stamping, and gives 
it to the server unit 200. The server unit 200 generates 
30 a time stamping token (certificate) T according to the 
received time stamping request R, and returns it to the 
client unit 100. 

[0097] Fig. 1 1 shows an exemplary configuration of 
the client unit 100 in the folder type distributed time 
35 stamping system 300 of Fig. 10. The client unit 100 of 
Fig. 1 1 corresponds to the client unit 1 00 of Fig. 2 in the 
second embodiment described above, so that the same 
elements are given the same reference numerals in the 
figure. 

40 [0098] First, the digital document specifying unit 51 
selects the digital documents G that are the target of 
time stamping from the digital documents F. 
[0099] Then, at a regular digest generation time 
specified by the time specifying unit 49, the digest gen- 

45 eration unit 31 generates digests of the selected digital 
documents. Here, it is possible to utilize the previously 
generated digests for those digital documents whose 
contents have not been modified since the digests are 
generated previously. 

so [0100] Then, the digest combining unit 33 gener- 
ates a new digital document by combining the digests of 
the target digital documents G generated by the digest 
generation unit 31. 

[0101] Then, the unified digest generation unit 36 
55 generates the unified digest from this new digital docu- 
ment. 

[0102] Then, the time stamping request R contain- 
ing the unified digest is transmitted from the transmis- 
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sion unit 37 to the server unit 200. 
[0103] At the server unit 200, the time stamp token 
T is generated as described below, and returned to the 
reception unit 45 of the client unit 100. 
[0104] Then, the verification unit 47 compares the 5 
transmission time by ihe transmission unit 37, the 
reception time by the reception unit 45, and the 
stamped time recorded in the received time stamp token 
T, verifies using a public key corresponding to the secret 
key used by the server unit 200 that the digital signature 10 
contained in the time stamp token T is the authentic dig- 
ital signature generated by the server unit 200, and ver- 
ifies that the digests time stamped by the time stamp 
token T are those transmitted from the transmission unit 
37. is 
[0105] Here, by including the previously obtained 
time stamp tokens in the target digital documents G, it 
becomes possible to acquire the time stamp token that 
includes the past creation and modification log of the 
target digital documents G. 20 
[0106] Fig. 12 shows an exemplary configuration of 
the server unit 200 in the folder type distributed time 
stamping system 300 of Rg. 1 0. The server unit 200 of 
Fig. 12 corresponds to the distributed time stamping 
system of Rg. 4 in the fourth embodiment described 25 
above, so that the same elements are given the same 
reference numerals in the figure. 
[0107] Rrst, when the reception unit 130 receives 
the time stamping request R, its copy is sent to each 
combining unit 131. so 
[0108] Then, each combining unit 131 generates 
the time stamped digital document Mt by combining the 
digital document M contained in the time stamping 
request R with the time acquired by the corresponding 
time acquisition unit 133. 35 
[0109]. Then, the corresponding digital signature 
unit 135 generates the digital signature for this time 
stamped digital document Mt using the partial secret 
key acquired in advance. The digital signatures gener- 
ated by the digital signature units 135 in this manner are 40 
collected to the unified digital signature generation unit 
137. 

[0110] Then, the unified digital signature generation 
unit 137 selects digital signatures having the identical 
time information among the collected digital signatures, 45 
one digital signature for each digital signature unit 135, 
and generates the unified digital signature. 
[0111] Then, the time stamp token generation unit 
139 generates the time stamp token T using the unified 
digital signature, and transmits it from the transmission 50 
unit 141 to the client unit 100. 

[0112] Rg. 13 shows another exemplary configura- 
tion of the server unit 200 in the folder type distributed 
time stamping system 300 of Rg. 1 0. The server unit 
200 of Rg. 13 adopts a distributed configuration in 55 
which the functions of the server unit 200 are to be oper- 
ated by independent third party authories, where the 
same elements as in the server unit 200 of Fig. 12 are 
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given the same reference numerals in the figure. 
[0113] Rg. 13 differs from Rg. 12 in that a set of 
one combining unit 131, one time acquisition unit 133 
and one digital signature unit 135 constitute one distrib- 
uted partial time stamping authority 205, and the recep- 
tion unit 130, the unified digital signature generation unit 
137, the time stamp token generation unit 139 and the 
transmission unit 141 constitute one time stamping 
authority 204, but the operation of each unit is the same 
as in the case of Rg. 12. 

[0114] It is to be noted that the above described 
embodiments according to the present invention may be 
conveniently implemented using a conventional general 
purpose digital computer programmed according to the 
teachings of the present specification, as will be appar- 
ent to those skilled in the computer art. Appropriate soft- 
ware coding can readily be prepared by skilled 
programmers based on the teachings of the present dis- 
closure, as will be apparent to those skilled in the soft- 
ware art 

[01 1 5] In particular, the client unit or the server unit 
of each of the above described embodiments can be 
conveniently implemented in a form of a software pack- 
age. 

[01 1 6] Such a software package can be a computer 
program product which employs a storage medium 
including stored computer code which is used to pro- 
gram a computer to perform the disclosed function and 
process of the present invention. The storage medium 
may include, but is not limited to, any type of conven- 
tional floppy disks, optical disks, CD-ROMs, magneto- 
optical disks, ROMs, RAMs, EPROMs, EEPROMs, 
magnetic or optical cards, or any other suitable media 
for storing electronic instructions. 
[0117] ft is also to be noted that, besides those 
already mentioned, above, many modifications and var- 
iations of the above embodiments may be made without 
departing from the novel and advantageous features of 
the present invention. Accordingly, all such modifica- 
tions and variations are intended to be included within 
the scope of the appended claims. 

Claims 

1 . A time stamping system, comprising a client device 
and a server device; 

the client device including: 

a digest generation unit for generating a 
plurality of digests for a plurality of digital 
documents; 

a digest combining unit for combining the 
plurality of digests generated by the digest 
generation unit; 

a unified digest generation unit for generat- 
ing a unified digest from the plurality of 
digests as combined by the digest combin- 
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ing unit; 

a transmission unit for transmitting a time 
stamping request containing the unified 
digest generated by the unified digest gen- 
eration unit, to the server device; and 5 
a reception unit for receiving a time stamp 
token for the plurality of digital documents 
from the server device; and 

wherein the server device generates the time 10 
stamp token containing a time stamped digital 
document obtained by combining the unified 
digest and a time information acquired in 
response to the time stamping request, and a 
digital signature for the time stamped digital 15 
document. 

2. The time stamping system of claim 1 , wherein the 
client device further includes: 

20 

a digital document specifying unit for specifying 
the plurality of digital documents from digital 
documents on a personal computer or a net- 
work, in units of files or folders. 

25 

3. The time stamping system of claim 2, wherein the 
digital document specifying unit specifies the plural- 
ity of digital documents such that a previously 
obtained time stamp token is included in the plural- 
ity of digital documents. 30 

4. The time stamping system of claim 1, wherein the 
client device further includes: 

a time specifying unit for specifying regular 35 
digest generation times to the digest genera- 
tion unit such that the digest generation unit 
regularly generates the plurality of digests at 
the regular digest generation times. 

40 

5. The time stamping system of claim 1, wherein the 
client device further includes: 

a verification unit for verifying whether the dig- 
ital signature contained in the time stamp token 45 
received at the reception unit is authentic or 
not 

6. The time stamping system of claim 1 , wherein the 
client device further includes: so 

a verification unit for verifying that a time indi- 
cated by the time stamped digital document 
contained in the time stamp token received at 
the reception unit is between a transmission 55 
time of the time stamping request at the trans- 
mission unit and a reception time of the time 
stamp token at the reception unit 



7. The time stamping system of claim 1 , wherein the 
server device includes: 

a digital signature generation unit for obtaining 
the time stamped digital document by combin- 
ing the unified digest and the time information, 
and generating the digital signature for the time 
stamped digital document; and 
a time stamp token generation unit for generat- 
ing the time stamp token from the time 
stamped digital document and the digital signa- 
ture generated by the digital signature genera- 
tion unit. 

8. The time stamping system of claim 1 , wherein the 
server device includes: 

a plurality of time acquisition units, each time 
acquisition unit sequentially acquiring the time 
information given in a prescribed constant 
incremental time unit, in response to the time 
stamping request, independently from other 
time acquisition units; 

a plurality of combining units, provided in corre- 
spondence to the plurality of time acquisition 
units, each combining unit generating a plural- 
ity of time stamped digital documents by 
sequentially combining a data containing the 
unified digest with the time information sequen- 
tially acquired by a corresponding one of the 
time acquisition units, independently from other 
combining units; 

a plurality of digital signature units, provided in 
correspondence to the plurality of combining 
units, each digital signature unit generating a 
digital signature for each time stamped digital 
document generated by a corresponding one 
of the combining units, independently from 
other digital signature units; 
a unified digital signature generation unit for 
selecting a plurality of digital signatures, one 
digital signature per each digital signature unit, 
which are generated by the plurality of digital 
signature units for one time stamped digital 
document of an identical time, from a plurality 
• of digital signatures generated by the plurality 
of digital signature units, and generating a uni- 
fied digital signature from selected digital sig- 
natures; and 

a time stamp token generation unit for generat- 
ing the time stamp token from said one time 
stamped digital document and the unified dig- 
ital signature generated by the unified digital 
signature generation unit. 

9. The time stamping system of claim 8, wherein each 
digital signature unit is controlled not to generate 
the digital signature for at least one of those time 
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stamped digital documents of times that have no 
chance of becoming the identical time. 

10. The time stamping system of claim 8, wherein the 
unified digital signature generation unit and the time 5 
stamp token generation unit constitute a time 
stamping authority, while each set of a time acquisi- 
tion unit, a combining unit, and a digital signature 
unit constitute a distributed partial time stamping 
authority. 10 

1 1 . A client device of a time stamping system, the client 
device comprising: 

a digest generation unit for generating a plural- 15 
Wy of digests for a plurality of digital documents; 
a digest combining unit for combining the plu- 
rality of digests generated by the digest gener- 
ation unit; 

a unified digest generation unit for generating a 20 
unified digest from the plurality of digests as 
combined by the digest combining unit: 
a transmission unit for transmitting a time 
stamping request containing the unified digest 
generated by the unified digest generation unit, 25 
to a server device of the time stamping system; 
and 

a reception unit for receiving a time stamp 
token for the plurality of digital documents from 
the server device. 30 

12. The client device of claim 1 1 , further comprises: 

a digital document specifying unit for specifying 
the plurality of digital documents from digital 35 
documents on a personal computer or a net- 
work, in units of files or folders. 

13. The client device of claim 12, wherein the digital 
document specifying unit specifies the plurality of 40 
digital documents such that a previously obtained 
time stamp token is included in the plurality of dig- 
ital documents. 

14. The client device of claim 1 1 , further comprising: 45 

a time specifying unit for specifying regular 
digest generation times to the digest genera- 
tion unit such that the digest generation unit 
regularly generates the plurality of digests at so 
the regular digest generation times. 

15. The client device of claim 11, wherein the time 
stamp token contains a time stamped digital docu- 
ment obtained by combining the unified digest and 55 
a time information acquired in response to the time 
stamping request, and a digital signature for the 
time stamped digital document, and 



JO A2 26 

the client device further comprises a verifica- 
tion unit for verifying whether the digital signa- 
ture contained in the time stamp token received 
at the reception unit is authentic or not 

16. The client device of claim 11, wherein the time 
stamp token contains a time stamped digital docu- 
ment obtained by combining the unified digest and 
a time information acquired in response to the time 
stamping request, and a digital signature for the 
time stamped digital document, and 

the client device further comprises a verifica- 
tion unit for verifying that a time indicated by the 
time stamped digital document contained in the 
time stamp token received at the reception unit 
is between a transmission time of the time 
stamping request at the transmission unit and a 
reception time of the time stamp token at the 
reception unit. 

17. A server device of a time stamping system, the 
server device comprising; 

a plurality of time acquisition units, each time 
acquisition unit sequentially acquiring the time 
information given in a prescribed constant 
incremental time unit, in response to a received 
digital document, independently from other 
time acquisition units; 

a plurality of combining units, provided in corre- 
spondence to the plurality of time acquisition 
units, each combining unit generating a plural- 
ity of time stamped digital documents by 
sequentially combining the received digital 
document with the time information sequen- 
tially acquired by a corresponding one of the 
time acquisition units, independently from other 
combining units; 

a plurality of digital signature units, provided in 
correspondence to the plurality of combining 
units, each digital signature unit generating a 
digital signature for each time stamped digital 
document generated by a corresponding one 
of the combining units, independently from 
other digital signature units; 
a unified digital signature generation unit for 
selecting a plurality of digital signatures, one 
digital signature per each digital signature unit, 
which are generated by the plurality of digital 
signature units for one time stamped digital 
document of an identical time, from a plurality 
of digital signatures generated by the plurality 
of digital signature units, and generating a uni- 
fied digital signature from selected digital sig- 
natures; and 

a time stamp token generation unit for generat- 
ing the time stamp token from said one time 
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stamped digital document and the unified dig- 
ital signature generated by the unified digital 
signature generation unit 

18. The server device of claim 17, wherein each digital 
signature unit is controlled not to generate the dig- 
ital signature for at least one of those time stamped 
digital documents of times that have no chance of 
becoming the identical time. 

19. The server device of claim 17 f wherein the unified 
digital signature generation unit and the time stamp 
token generation unit constitute a time stamping 
authority, while each set of a time acquisition unit, a 
combining unit, and a digital signature unit consti- 
tute a distributed partial time stamping authority. 

20. A time stamping method in a time stamping system 
formed by a client device and a server device, com- 
prising the steps of: 

(a) generating a plurality of digests for a plural- 
ity of digital documents at the client device; 

(b) combining the plurality of digests generated 
by the step (a), at the client device; 

(c) generating a unified digest from the plurality 
of digests as combined by the step (b), at the 
client device; 

(d) transmitting a time stamping request con- 
taining the unified digest generated by the step 
(c), from the client device to the server device; 

(e) generating at the server device a time 
stamp token containing a time stamped digital 
document obtained by combining the unified 
digest and a time information acquired in 
response to the time stamping request, and a 
digital signature for the time stamped digital 
document; and 

(f) receiving the time stamp token for the plural- 
ity of digital documents from the server device, 
at the client device. 

21 . The method of claim 20, further comprising the step 
of: 

specifying the plurality of digital documents 
from digital documents on a personal computer 
or a network, in units of files or folders, at the 
client device. 

22. The method of claim 21, wherein the specifying 
step specifies the plurality of digital documents 
such that a previously obtained time stamp token is 
included in the plurality of digital documents. 

23. The method of claim 20, further comprising the step 
of: 



specifying regular digest generation times at 
the client device such that the step (a) regularly 
generates the plurality of digests at the regular 
digest generation times. 

5 

24. The method of claim 20, further comprising the step 
of: 

verifying whether the digital signature con- 
w tained in the time stamp token received by the 

step (f) is authentic or not, at the client device. 

25. The method of claim 20, further comprising the step 
of: 

75 

verifying that a time indicated by the time 
stamped digital document contained in the time 
stamp token received by the step (0 is between 
a transmission time of the time stamping 
20 request at the step (d) and a reception time of 

the time stamp token at the step (f), at the client 
device. 

26. The method of claim 20, wherein the step (e) com- 
25 prises the sub-steps of: 

(e1) sequentially acquiring the time information 
given in a prescribed constant incremental time 
unit, in response to the time stamping request, 

30 at each one of a plurality of time acquisition 

units in the server device, independently from 
other time acquisition units; 
(e2) generating a plurality of time stamped dig- 
ital documents at each one of a plurality of 

35 combining units, provided in correspondence 

to the plurality of time acquisition units in the 
server device, by sequentially combining a data 
containing the unified digest with the time infor- 
mation sequentially acquired by a correspond- 

40 ing one of the time acquisition units, 

independently from other combining units; 
(e3) generating a digital signature at each one 
of a plurality of digital signature units, provided 
in correspondence to the plurality of combining 

45 units in the server device, for each time 

stamped digital document generated by a cor- 
responding one of the combining units, inde- 
pendently from other digital signature units; 
(e4) selecting a plurality of digital signatures, 

so one digital signature per each digital signature 

unit, which are generated by the plurality of dig- 
ital signature units for one time stamped digital 
document of an identical time, from a plurality 
of digital signatures generated by the plurality 

55 of digital signature units, and generating a uni- 

fied digital signature from selected digital sig- 
natures; and 

(e5) generating the time stamp token from said 
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one time stamped digital document and the 
unified digital signature generated by the step 
(e4). 

27. The method of claim 26. wherein at the step (e3), s 
each digital signature unit is controlled not to gener- 
ate the digital signature for at least one of those 
time stamped digital documents of times that have 

no chance of becoming the identical time. 

10 

28. A method of receiving a time stamping service at a 
client device of a time stamping system, the method 
comprising the steps of; 

(a) generating a plurality of digests for a plural- 15 
ity of digital documents; 

(b) combining the plurality of digests generated 
by the step (b); 

(c) generating a unified digest from the plurality 

of digests as combined by the step (b); 20 

(d) transmitting a time stamping request con- 
taining the unified digest generated by the step 
(c), to a server device of the time stamping sys- 
tem; and 

(e) receiving a time stamp token for the plurality 25 
of digital documents from the server device. 

29. The method of claim 28, further comprising the step 
of: 

30 

specifying the plurality of digital documents 
from digital documents on a personal computer 
or a network, in units of files or folders. 

30. The method of claim 29, wherein the specifying 35 
step specifies the plurality of digital documents 
such that a previously obtained time stamp token is 
included in the plurality of digital documents. 

31. The method of claim 28, further comprising the step 40 
of: 

specifying regular digest generation times at 
the client device such that the step (a) regularly 
generates the plurality of digests at the regular 45 
digest generation times. 

32. The method at claim 28, wherein the time stamp 
token contains a time stamped digital document 
obtained by combining the unified digest and a time so 
information acquired in response to the time stamp- 
ing request, and a digital signature for the time 
stamped digital document, and 

the method further comprises the step of verify- 55 
ing whether the digital signature contained in 
the time stamp token, received by the step (e) 
is authentic or not, at the client device. 



33. The method of claim 28, wherein the time stamp 
token contains a time stamped digital document 
obtained by combining the unified digest and a time 
information acquired in response to the time stamp- 
ing request, and a digital signature for the time 
stamped digital document, and 

the method further comprises the step of verify- 
ing that a time indicated by the time stamped 
digital document contained in the time stamp 
token received by the step (c) is between a 
transmission time of the time stamping request 
at the step (d) and a reception time of the time 
stamp token at the step (e), at the client device. 

34. A method of providing a time stamping service at a 
server device of a time stamping system, the 
method comprising the steps of: 

(a) sequentially acquiring a time information, 
given in a prescribed constant incremental time 
unit, in response to a received digital docu- 
ment, at each one of a plurality of time acquisi- 
tion units in the server device, independently 
from other time acquisition units; 

(b) generating a plurality of time stamped dig- 
ital documents at each one of a plurality of 
combining units, provided in correspondence 
to the plurality of time acquisition units in the 
server device, by sequentially combining the 
received digital document with the time infor- 
mation sequentially acquired by a correspond- 
ing one of the time acquisition units, 
independently from other combining units; 

(c) generating a digital signature at each one of 
a plurality of digital signature units, provided in 
correspondence to the plurality of combining 
units in the server device, for each time 
stamped digital document generated by a cor- 
responding one of the combining units, inde- 
pendently from other digital signature units; 

(d) selecting a plurality of digital signatures, 
one digital signature per each digital signature 
unit, which are generated by the plurality of dig- 
ital signature units for one time stamped digital 
document of an identical time, from a plurality 
of digital signatures generated by the plurality 
or digital signature units, and generating a uni- 
fied digital signature from selected digital sig- 
natures; and 

(e) generating the time stamp token from said 
one time stamped digital document and the 
unified digital signature generated by the step 
(d). 

35. The method of claim 34, wherein at the step (c), 
each digital signature unit is controlled not to gener- 
ate the digital signature for at least one of those 
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time stamped digital documents of times that have 
no chance of becoming the identical time. 

36. A computer usable medium having computer read- 
able program codes embodied therein for causing a 5 
computer to function as a client device of a time 
stamping system, the computer readable program 
codes including: 

a first computer readable program code for io 
causing said computer to generate a plurality of 
digests for a plurality of digital documents; 
a second computer readable program code for 
causing said computer to combine the plurality 
of digests generated by the first computer read- is 
able program code: 

a third computer readable program code for 
causing said computer to generate a unified 
digest from the plurality of digests as combined 
by the second computer readable program 20 
code: 

a fourth computer readable program code for 
causing said computer to transmit a time 
stamping request containing the unified digest 
generated by the third computer readable pro* 25 
gram code, to a server device of the time 
stamping system; and 

a fifth computer readable program code for 
causing said computer to receive a time stamp 
token for the plurality of digital documents from 30 
the server device. 

37. A computer usable medium having computer read- 
able program codes embodied therein for causing 

at least one computer to function as a server device 35 
of a time stamping system, the computer readable 
program codes including: 

a first computer readable program code for 
causing said at least one computer to realize a 40 
plurality of time acquisition units, each time 
acquisition unit sequentially acquiring the time 
information given in a prescribed constant 
incremental time unit, in response to a received 
digital document, independently from other 45 
time acquisition units; 

a second computer readable program code for 
causing said at least one computer to realize a 
plurality of combining units, provided in corre- 
spondence to the plurality of time acquisition so 
units, each combining unit generating a plural- 
ity of time stamped digital documents by 
sequentially combining the received digital 
document with the time information sequen- 
tially acquired by a corresponding one of the 55 
time acquisition units, independently from other 
combining units; 

a third computer readable program code for 
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causing said at least one computer to realize a 
plurality of digital signature units, provided in 
correspondence to the plurality of combining 
units, each digital signature unit generating a 
digital signature for each time stamped digital 
document generated by a corresponding one 
of the combining units, independently from 
other digital signature units; 
a fourth computer readable program code for 
causing said at least one computer to select a 
plurality of digital signatures, one digital signa- 
ture per each digital signature unit, which are 
generated by the plurality of digital signature 
units for one time stamped digital document of 
an identical time, from a plurality of digital sig- 
natures generated by the plurality of digital sig- 
nature units, and to generate a unified digital 
signature from selected digital signatures; and 
a fifth computer readable program code for 
causing said at least one computer to generate 
the time stamp token from said one time 
stamped digital document and the unified dig- 
ital signature generated by the fourth computer 
readable program code. 
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(54) Folder type time stamping system and distributed time stamping system 



(57) In a time stamping system formed by a client 
device and a server device, the client device includes a 
digest generation unit for generating a plurality of di- 
gests for a plurality of digital documents, a digest com- 
bining unit for combining the plurality of digests gener- 
ated by the digest generation unit, a unified digest gen- 
eration unit for generating a unified digest from the plu- 
rality of digests as combined by the digest combining 
unit, a transmission unit for transmitting a time stamping 



request containing the unified digest generated by the 
unified digest generation unit, to the server device, and 
a reception unit for receiving a time stamp token for the 
plurality of digital documents from the server device. 
The server device generates the time stamp token con- 
taining a time stamped digital document obtained by 
combining the unified digest and a time information ac- 
quired in response to the time stamping request, and a 
digital signature for the time stamped digital document. 



CO 
< 

o 
a> 
oo 

oo 



Si 

62 



go 
TARGET 
DIGITAL 
DOCUMENTS 

{ 



HG.l 



i_ 

FOLDER TYPE TIME ST AMP^G_ SYSTEM 
i CLIENT UNTT 



.100 



.200 



DIGEST 

COMBINING 

UNTT 



UNI 
DIGEST 



UNTT 



ATION 



TRANSMISSION 
UNIT 



UNTT 



25 
J— 



RECEPTION 
UNIT 



ir 



SERVER UNTT 
19 




DIGITAL 


SIGNATURE 


GENERATION 


UNTT 




v ; 






' 


TIME 




STAMPING 


UNIT 




f : 








TIME 




ACQUISmON 


UNTT 





— j .-J 



CL 
LU 



Printed by Jouve. 75001 PARIS (FR) 



EP 1 081 890 A3 




European Patent 
Office 



EUROPEAN SEARCH REPORT 



Application Number 
EP 00 11 8221 



DOCUMENTS CONSIDERED TO BE RELEVANT 



Category 



Citation of document with indication, where appropriate, 
of relevant passages 



Relevant 
to claim 



CLASSIFICATION OF THE 
APPLICATION (InLCl.T) 



8 
| 

CM 

m 

8 



2 



WO 99 35785 A (KONINKL PHILIPS ELECTRONICS 
NV ;PHILIPS SVENSKA AB (SE)) 
15 July 1999 (1999-07-15) 



* page 1, line 10 - line 17 * 

* page 2, line 8 - line 13 * 

* page 12, line 21 - line 22 * 

* page 12, line 30 - page 13, line 2 

* abstract; claim 11 * 

* figure 4 * 

* claim 1 * 



W0 98 39876 A (SKYLIGHT SOFTWARE INC) 
11 September 1998 (1998-09-11) 

* page 11, line 31 - page 12, line 17 * 

* figure 10 * 

GB 2 301 919 A (BANKERS TRUST CO) 
18 December 1996 (1996-12-18) 

* page 16, line 34 - page 17, line 2 * 

* page 35, line 9-34 * 



W0 92 03000 A (BELL COMMUNICATIONS RES) 
20 February 1992 (1992-02-20) 
* page 6, line 6 - page 8, line 6; figures 
1>5 * 



The present search report has been drawn up for ail claims 



I- 7, 

II- 16, 
20-25, 
28-33,36 
8-10,26,1 
27 



H04L9/32 



17-19, 
34.35,37) 

1,11.28. 
28,36 



17-19, 
34,35,37 



8-10,26, 
27 

1-16, 
20-33,36 



Race of search 

MUNI CH 



Data erf compaction or the search 

23 July 2002 



TECHNICAL FIELDS 
SEARCHED <triLCt.7) 



H04L 



Examiner 



Cretaine, P 



CATEGORY OF CITED DOCUMENTS 

X : particularly retevart tf taken alone 

Y : particularly relevant H combined with another 

document ol the same category 
A : technological background 
O : non- written disclosure 
P : Intermediate document 



T : theory or principle underlying the invention 
E : earlier patent document but pubBshed on. or 

after the fifing date 
D : document cited in the application 
L : document cited lor other reasons 



a : member erf the same patent family, corresponding 
document 



2 



EP 1 081 890 A3 




European Patent 
Office 



LACK OF UNITY OF INVENTION 
SHEET B 



EP 00 11 8221 



Application Number 



The Search Division considers that the present European patent application does not comply with the 
requirements o1 unity of invention and relates to several inventions or groups of inventions, namely: 

1. Claims: 1-16, 20-33, 36 

System, method and program for providing a single time stamp 
for a plurality of digital documents in a client- server 
configuration 



2. Claims: 17-19. 34, 35, 37 

System, method and program for providing a distributed time 
stamping by using distributed time stamping agencies. 



3 



